Re: [opensuse] 25C3: Hackers completely break SSL using 200 PS3s
  • From: G T Smith <grahamsmith@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Fri, 02 Jan 2009 12:09:31 +0000
  • Message-id: <495E03FB.90203@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>

Carlos E. R. wrote:

On Friday, 2009-01-02 at 10:15 -0000, G T Smith wrote:

Hmmm... reading the article a little closer. This was only possible from
one certificate supplier with two key bits of knowledge about that
supplier's certificates, a fixed certificate signing response time, a
sequential serial number and took two days to perform with $20K worth of
computing power... Not quite in the same league as the WEP hack ....

But the "bad guys" can have that kind of manpower and money, if there is
money to be earned. Just look at the amount of phishing attempts every

Phishing largely depends on the naivety of the end user, like any other
con. So is a different line of attack, and there is no security against
stupidity. IIRC most phishing attacks make use of other people's machines'
resources :-)

Certificates normally have an expiry date, so therefore this kind of
attack would normally only be useful if the hack can be reasonably
achieved within the time frame of the expiry cycle. The generation
process time has probably been significantly reduced because two
factors are known and predictable, the real question is what is the
generation process time if these are not known (or to put it more
accurately the probability of successfully generating a forged
certificate before it expires, if these factors are not known).

The weakness of the approach is that it also can be nullified very
simply (and according to this report already has).

In this case I would focus on the question of the use of sequential
serial numbers and a static response time... a little randomness in
these could make the problem more difficult (but not impossible)...

That is very true.

I wonder if they checked other authorities and how many they found

They said 97% of the certificates which used the method came from one
source, and they targeted this source. As a result cas issued by this
source are to be flagged as dodgy. They say nothing about the other 3%
also using the method, so to what extent this is a flaw in md5 signed
certificates or a flaw in how the source deploys those certificates is a
moot point.

I would only be really worried if I was using a certificate from this
source to protect something of value on the basis of this report, it
really says little about the security (or lack of it) for md5
certificates in general.

Not something I would be inclined to press the panic button for, but I
would not discount it either...

-- Cheers,
Carlos E. R.

- --
I have always wished that my computer would be as easy to use as my
My wish has come true. I no longer know how to use my telephone.

Bjarne Stroustrup
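
An added example, not part of the original message: a Python sketch of the point above about sequential serial numbers and a static response time, written as an audit a CA operator could run over its own issuance log. The log records, thresholds and function names are constructed assumptions.

```python
import secrets
from statistics import pstdev

# Constructed issuance logs: (serial, seconds from request to validity start, signature algorithm).
SEQUENTIAL_CA = [(643001 + i, 6, "md5WithRSAEncryption") for i in range(8)]
RANDOM_CA = [
    (0x5F2A9C41D7E08B13, 3, "sha256WithRSAEncryption"),
    (0x1B77E3094AC2F6D8, 9, "sha256WithRSAEncryption"),
    (0xC40D18A6F35B927E, 5, "sha256WithRSAEncryption"),
    (0x08E6B5D2719FA34C, 12, "sha256WithRSAEncryption"),
    (0x93A1F07C2E4D68B5, 4, "sha256WithRSAEncryption"),
]

def audit_issuance(log, max_step=4, min_jitter=1.0):
    """Return the predictability findings for one CA's issuance log.

    max_step and min_jitter are illustrative thresholds, not standard values.
    """
    findings = set()
    serials = [serial for serial, _, _ in log]
    delays = [delay for _, delay, _ in log]
    steps = [b - a for a, b in zip(serials, serials[1:])]
    # Sequential serials: each certificate is the previous serial plus a small constant,
    # so the next serial can be guessed before the request is submitted.
    if steps and all(0 < step <= max_step for step in steps):
        findings.add("sequential-serial")
    # Static response time: the validity start is a near-fixed offset from the request.
    if len(delays) > 1 and pstdev(delays) < min_jitter:
        findings.add("static-response-time")
    # MD5 in the signature algorithm is what makes the predictable fields matter.
    if any(alg.lower().startswith("md5") for _, _, alg in log):
        findings.add("md5-signature")
    return findings

def new_serial(bits=64):
    """Draw a non-zero serial from the OS CSPRNG instead of incrementing a counter."""
    return secrets.randbits(bits) or 1

if __name__ == "__main__":
    print("sequential CA:", sorted(audit_issuance(SEQUENTIAL_CA)))
    print("random CA:    ", sorted(audit_issuance(RANDOM_CA)))
    print("fresh serial: ", hex(new_serial()))
```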
